Sensitive information, such as configuration settings, connection strings, passwords, etc. is often stored in a database. Anyone having database access is able to query this information. Encrypting the information that is stored in the database helps to protect such information. Unfortunately, it is a common practice for software engineers to store the encryption key in the database. This is well known by hackers. Thus, in a multi-tenant/multi-user environment, an insider can potentially gain access to all of the tenant and/or user information within the database. This exposes the tenant's sensitive information to mischief.
It would be advantageous to ensure that the exposure of sensitive tenant information, including such exposure to insiders, is minimized.